---
# tasklist for setting up the mirrorlist app as a container on proxies


- name: add mirrormanager user - uid {{ mirrormanager_uid }}
  user: name=mirrormanager uid={{ mirrormanager_uid }} state=present home=/home/mirrormanager createhome=yes
  tags:
  - mirrorlist_proxy

# mirrormanager user ssh key(s)
- name: add authorized_keys for mirrormanager
  authorized_key: key="{{ item }}" user=mirrormanager state=present
  with_file:
  - mm-authorized_key
  tags:
  - mirrorlist_proxy

- name: setup directories
  file: dest="{{item}}" mode=0755 state=directory
  with_items:
  - /srv/mirrorlist
  - /srv/mirrorlist/data
  - /srv/mirrorlist/data/mirrorlist1
  - /srv/mirrorlist/data/mirrorlist2
  - /var/log/mirrormanager1
  - /var/log/mirrormanager2
  tags:
  - mirrorlist_proxy

- name: make sure mirrormanager user can write new pkl files
  file: dest="{{item}}" owner=mirrormanager group=mirrormanager
  with_items:
  - /srv/mirrorlist/data
  - /srv/mirrorlist/data/mirrorlist1
  - /srv/mirrorlist/data/mirrorlist2
  tags:
  - mirrorlist_proxy

- name: set logrotate_read_inside_containers so logrotate works
  seboolean: name=logrotate_read_inside_containers state=yes persistent=yes
  tags:
  - mirrorlist_proxy

- name: setup logrotate log for mirrormanager log files
  copy: src=logrotate-mirrormanager dest=/etc/logrotate.d/mirrormanager
  tags:
  - mirrorlist_proxy

- name: Install docker
  package: name={{item}} state=present
  with_items:
  - docker
  - python-docker-py
  tags:
  - mirrorlist_proxy

- name: setup daemon.json to not restart containers on docker service restarts
  copy: src=daemon.json dest=/etc/docker/daemon.json
  tags:
  - mirrorlist_proxy

- name: Run docker
  service: name=docker state=started enabled=yes
  tags:
  - mirrorlist_proxy

- name: Pull mirrorlist image
  docker_image:
    name: "{{ mirrorlist_container_image }}"
    tls_verify: true
  tags:
  - mirrorlist_proxy

# We deploy two service files. Both listen on a different port, so that we can switch
# them out as part of the pkl deployment without having any local downtime.
- name: Deploy service files
  template: src=mirrorlist.service.j2 dest=/etc/systemd/system/mirrorlist{{ item }}.service
  with_items:
  - 1
  - 2
  tags:
  - mirrorlist_proxy
  notify:
  - reload systemd

# We enable mirrorlist1 so we have one that always starts on boot. The pkl deployment script
# will make sure that at least one is running and the other is killed.
- name: Enable mirrorlist1
  service: name=mirrorlist1 enabled=yes
  tags:
  - mirrorlist_proxy

# install our cron script to handle hourly new pkl changes. 
- name: install script to restart mirrorlist containers on pkl changes
  copy: src=restart-mirrorlist-containers dest=/usr/local/bin/restart-mirrorlist-containers mode=0755
  tags:
  - mirrorlist_proxy

- name: Setup hourly cron at for pkl reload restarts
  cron: name="restart-mirrorlist-containers" minute="15" user="root"
        job="/usr/local/bin/restart-mirrorlist-containers"
        cron_file=restart-mirrorlist-containers
  tags:
  - mirrorlist_proxy

# Custom selinux policy to allow logrotate to rotate our mirrorlist logs
- name: ensure a directory exists for our custom selinux module
  file: dest=/usr/local/share/mirrorlist-logrotate state=directory
  tags:
  - selinux
  - mirrorlist_proxy

- name: copy over our custom selinux module
  copy: src=selinux/mirrorlist-logrotate.pp dest=/usr/local/share/mirrorlist-logrotate/mirrorlist-logrotate.pp
  register: selinux_module
  tags:
  - selinux
  - mirrorlist_proxy

- name: install our custom selinux module
  command: semodule -i /usr/local/share/mirrorlist-logrotate/mirrorlist-logrotate.pp
  when: selinux_module|changed
  tags:
  - selinux
  - mirrorlist_proxy
